HIPAA Testing Trends

See how you rank against other healthcare professionals and how they handle vulnerability scanning and penetration testing.

2020 HIPAA Testing Trends

http://info.securitymetrics.com/2020-hipaa-testing-trends


How Is Healthcare Doing With Testing Their Environments?

Over the past three years, we interviewed over 150 healthcare professionals responsible for HIPAA compliance (i.e., 61 professionals in 2019, 40 in 2018, and 56 in 2017) about how their organizations test their environments, such as through vulnerability scans and penetration tests. This infographic is an analysis of their collected responses.

2019 SUMMARY

  • 53% conduct vulnerability scans.
  • 46% conduct vulnerability scans at least quarterly.
  • 17% perform penetration tests.
  • 10% perform penetration tests at least annually.

Organizations Conduct Vulnerability Scanning

Pro Tip: Organizations should perform vulnerability scans, both internal and external, to confirm their network security.

2019 Data

  • 53% Yes
  • 27% Don't know
  • 20% No

2018 Data

  • 68% Yes
  • 9% Don't know
  • 23% No

How Often Organizations Conduct Vulnerability Scans

Pro Tip: Organizations should regularly conduct vulnerability scans (e.g., quarterly).

2019 Data

  • Never: 20%
  • Don’t know: 26%
  • After a major network change: 7%
  • Annually: 8%
  • Semiannually: 2%
  • Quarterly: 39%
  • Monthly: 7%

2018 Data

  • Never: 22%
  • Don’t know: 20%
  • After a major network change: 0%
  • Annually: 1%
  • Semiannually: 1%
  • Quarterly: 46%
  • Monthly: 10%

Organizations Perform Penetration Tests

Pro Tip: Penetration testing is vital to protecting a network against cyber-attacks.

2019 Data

  • Yes: 17%
  • Don't know: 43%
  • No: 40%

2018 Data

  • Yes: 24%
  • Don't know: 45%
  • No: 31%

2017 Data

  • Yes: 26%
  • Don't know: 58%
  • No: 16%

How Often Organizations Perform Penetration Tests

Pro Tip: Organizations should regularly perform penetration tests (e.g., annually and after major network changes).

2019 Data

  • Never: 44%
  • Don’t know: 42%
  • Every other year: 2%
  • Annually: 8%
  • After major network changes: 2%
  • Annually and after major network changes: 2%

2018 Data

  • Never: 38%
  • Don’t know: 53%
  • Every other year: 2%
  • Annually: 5%
  • After major network changes: 0%
  • Annually and after major network changes: 2%

2017 Data

  • Never: 8%
  • Don’t know: 78%
  • Every other year: 2%
  • Annually: 6%
  • After major network changes: 2%
  • Annually and after major network changes: 4%

HIPAA TAKEAWAYS SINCE 2018

  • 22% decrease in organizations that conduct vulnerability scans.
  • 18% decrease in organizations that conduct vulnerability scans at least quarterly.
  • 29% decrease in organizations that perform penetration tests.
  • 43% increase in organizations that perform penetration tests at least annually.
